Putting Docker Enterprise Edition on the Map with Kadaster and Capgemini
As a government organization for the Netherlands, Kadaster is responsible for collecting and registering property and land rights, ships, aircraft and telecom networks. An important service for its citizens, registry information is available predominantly through online web services.
Beginning in 2011, Kadaster created a vision for their next generation technology platform which included a combination of SaaS, IaaS, and PaaS services. Today, Docker Enterprise Edition (Docker EE) is an essential part of this solution. At DockerCon Europe, Rick Peters from CapGemini discussed how they worked with Kadaster to deliver an agile application platform that now runs some of the most demanding workloads for the Dutch organization.
You can watch the talk here:
Growth of Private Cloud Fuels Hunger for New Technologies
Beginning in 2012, Kadaster created one of the most successful private clouds in the Netherlands. Starting out as 300 virtual machines, the team did not think they would surpass 750 virtual machines, but blew well past that figure in just two years.
That rapid expansion was fueled by the easier self-service delivery model and the ability deploy apps more regularly and faster. Initially focused as a Java runtime platform powered by virtualization, the platform objectives shifted over Continue reading
Using two-factor SAML with Ansible Tower
In a previous post, I explained how Red Hat Ansible Tower works with SAML. A little known fact about Ansible Tower is that it supports two-factor SAML. More precisely, Ansible Tower can be configured to not disallow SAML with two-factor. Ansible Tower relies heavily on django-social-auth, which comes with a SAML backend, which relies heavily on python-saml. python-saml contains a default setting, specifically requestedAuthnContext, that, put simply, requests that the idp authenticate the user using a password. To reiterate, Ansible Tower will ask for the user to be authenticated by a password and not be given the choice to authenticate the user by two-factor.
In order to allow the IDP to choose two-factor, we need to not ask it to authenticate using password. More specifically, we need to not include the samlp:RequestedAuthnContext directive at all. Ansible Tower shouldn’t be making the presumption about the IDP’s authentication methods on the other side. Maybe the IDP supports calling the employee on the phone to authenticate. This is a decision that should be made by the IDP.
Let’s see how we make this happen. Create the file /etc/tower/conf.d/saml.py with the following content:
"SOCIAL_AUTH_SAML_SECURITY_CONFIG": {
"requestedAuthnContext": False
}
Then issue Continue reading
Open networking drives forward with Cumulus Linux 3.5
‘Tis the season for spreading holiday cheer! As mentioned a few weeks ago, we at Cumulus feel so thankful for all the great success in 2017. Our focus and stated goal has been to disrupt and transform the future of networking. We are pioneering a new generation of hyper-scale, automated and open networks designed to drive network agility in an era of digital transformation.
As 2017 comes to a close, we know many of you are excited to celebrate the holidays. We’d like to give you even more to cheer for this season by announcing a few exciting enhancements to Cumulus Linux with our 3.5 release — all designed to help you create an agile, open network that gives you the web-scale benefits of automation, interoperability, cost savings and choice.
In our new release of Cumulus Linux 3.5, we bring you the following open networking benefits:
The industry’s most comprehensive VXLAN routing suite
Most legacy vendors offer either asymmetric routing or symmetric routing. For comparison, Cisco and Arista implement their VXLAN routing solution using symmetric mode. Juniper implements its VXLAN routing solution using asymmetric mode and some symmetric. With these different routing solutions, these vendor switches can’t operate Continue reading
The Network in 2018: Cloud, Containers, and Connections
Here's what to expect in enterprise networking in the coming year.
Salt Deep Dive on Building Network Automation Solutions Online Course
In the first few sessions of the Building Network Automation Solutions online course we used Ansible as the tool-of-choice because it’s the easiest automation tool to get started with. Now that we’ve established the baseline, it’s time to explore the alternatives.
In a live session on February 27th 2018, Mircea Ulinic will describe Salt, an open source, general-purpose event-driven automation framework that we briefly discussed in Episode 77 of Software Gone Wild podcast.
Read more ...BiB 20: Broadcom Tomahawk 3 Announced With 32x400G ports
Holy cow. Broadcom Tomahawk 3 is a 32 x 400G ASIC at lower power, latency and reduced cost/100G speed. Built for the cloud it signals the next generation of 200G/400G Ethernet is on its way.
The post BiB 20: Broadcom Tomahawk 3 Announced With 32x400G ports appeared first on Packet Pushers.
Introduction to Client VPN
Introduction to Metro Ethernet
Before I will start with the information on Metro Ethernet, I would like to tell you guys that we have our own youtube channel for various network videos that can further help you guys to study further. I will going to add many more videos soon on the channel, Please subscribe to the channel for the study network related videos.
Starting a new BCOP – “How to run and protect an email server on IPv6”
After the recent series of technical Best Current Operational Practices (BCOP) documents that we initiated and co-authored, it’s time for new one. This time on how to run an incoming email server on IPv6 and survive!
Back in 2010 we started the IPv6 series of BCOP documents, starting with the popular RIPE-501 that was superseded by the even more popular RIPE-554 that discusses how to specify IPv6 functionality and compliance when ordering ICT equipment. This document emerged from listening to the Internet community that is deploying IPv6, and figuring out the common problems in order to come up with recommendations on how to solve them.
The next most common issue that we heard about, was that helpdesks of network operators would melt down if they deployed IPv6 to their end customers as they don’t know anything about IPv6. So we built an online tool and wrote some helpdesk procedures on how to troubleshoot IPv6 issues when users call them – resulting in another useful document that was published as RIPE-631.
After addressing this, we then repeatedly heard questions about what size of IPv6 prefixes should be given to end-users and should it be assigned statically or dynamically. We therefore put Continue reading
Enterprise Security Spending Will Total $96.3B in 2018, Gartner Says
Companies are using multiple tools, leading to vendor fatigue and complex security environments.
LinkedIn’s Project Falco Swoops Up SONiC Switching Platform
The disaggregated data center project developed its own switch called Pigeon.
Red Hat Ansible Automation recognized with 2017 Editor’s Choice Award from Virtualization & Cloud Review
Each year the contributing editors at Virtualization & Cloud Review roundup products they love, from what they rely on every day to the innovative tech products they're excited to see. This year, enterprise IT watcher and analyst Dan Kusnetzky selected us for our framework, which makes it easier for enterprises to monitor, manage and automate their physical, virtual and cloud resources. Our community also gets a shout out from Dan, noting our 3,000 contributors worldwide. They're a testament to our dedicated community, contributing to the project and enabling the monitoring, management and automation of Windows, Linux and more.
Thank you to our community and Red Hat for driving organizations to transform to automated enterprises. Read about all of the winners here.
Oracle Constructs $1.2B Offer for Cloud Firm Aconex
Construction-technology firms have generated $10 billion in funding since 2011, a McKinsey report says.